US11696130B2 - Mobile phone authentication method using implicit authentication - Google Patents

Mobile phone authentication method using implicit authentication Download PDF

Info

Publication number
US11696130B2
US11696130B2 US17/256,230 US201817256230A US11696130B2 US 11696130 B2 US11696130 B2 US 11696130B2 US 201817256230 A US201817256230 A US 201817256230A US 11696130 B2 US11696130 B2 US 11696130B2
Authority
US
United States
Prior art keywords
data
server
authentication
behavior data
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US17/256,230
Other versions
US20210266740A1 (en
Inventor
Dae Seon Choi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Foundation of Soongsil University Industry Cooperation
Original Assignee
Foundation of Soongsil University Industry Cooperation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Foundation of Soongsil University Industry Cooperation filed Critical Foundation of Soongsil University Industry Cooperation
Assigned to FOUNDATION OF SOONGSIL UNIVERSITY-INDUSTRY COOPERATION reassignment FOUNDATION OF SOONGSIL UNIVERSITY-INDUSTRY COOPERATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: CHOI, DAE SEON
Publication of US20210266740A1 publication Critical patent/US20210266740A1/en
Application granted granted Critical
Publication of US11696130B2 publication Critical patent/US11696130B2/en
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00Machine learning
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • G06N3/045Combinations of networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/08Learning methods
    • G06N3/088Non-supervised learning, e.g. competitive learning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/63Location-dependent; Proximity-dependent
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/65Environment-dependent, e.g. using captured environmental data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/68Gesture-dependent or behaviour-dependent
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • H04W4/025Services making use of location information using location based information parameters

Definitions

  • This disclosure relates to a mobile phone authentication method using implicit authentication, and more particularly, to a technology for identifying and authenticating a user in mobile phone authentication using a short message service (SMS).
  • SMS short message service
  • an authentication method using a mobile phone is being widely used to identify a user online, such as signing-up for a specific website, payment in an Internet shopping mall or a financial transaction through a financial institution web.
  • a resident registration number and a mobile phone number of a user are input into a provided authentication page, and then user authentication is performed by checking the occupancy of user's mobile phone through the input of an authentication number transmitted to the mobile phone of the user.
  • the mobile phone authentication system when performing user authentication, provides an authentication page to the user through a web browser or the like, receives user information (a resident registration number, a communication company name, a mobile phone number, or the like) on the provided authentication page, and transmits the received user information to a server.
  • user information a resident registration number, a communication company name, a mobile phone number, or the like
  • the server accesses a communication company server of the communication company to which the user has subscribed based on the input user information, and compares the input user information with user information such as the resident registration number and the mobile communication terminal number of the user, stored in the communication company server, to determine whether the user information matches. In this case, if it is determined that the user information is matched, a message including an authentication number according to user authentication is sent to a terminal of the user through a mobile communication network of the communication company server.
  • this conventional method is very vulnerable to an attack of stealing an SMS authentication by smishing or the like.
  • SMS authentication security application APP
  • the present disclosure is designed to solve the problems of the conventional mobile phone authentication method as described above, and the present disclosure is directed to providing a mobile phone authentication method using implicit authentication, which enables a user to be identified in authentication of a mobile phone user using an implicit authentication technology.
  • a mobile phone authentication method using implicit authentication comprises: by a server, receiving behavior data and environment information data from a user terminal when a user checks an authentication number for authentication of a mobile phone user; by the server, detecting a start point of a behavior of the user for checking the authentication number by performing peak detection in the received behavior data, and storing behavior data from the detected start point; and by the server, extracting feature data from the received environment information data and learning the extracted feature data to build a learning model.
  • the behavior data may be three-axis acceleration data of the user terminal and three-axis gyro sensor data of the user terminal, sampled according to a set cycle.
  • the step of detecting a start point of a behavior and storing behavior data from the detected start point may include: by the server, normalizing the received behavior data; and calculating a mean value for each data in the behavior data received multiple times.
  • the environment information data may include at least one of device information, wireless access point (AP) information. Bluetooth information and GPS information.
  • AP wireless access point
  • the server may extract the feature data by comparing the received environment information data with environment information data registered previously.
  • the learning model may be an auto-encoder type model.
  • the method may further comprise: by the server, sending the authentication number and a request for transmission of behavior data and environment information data to the user terminal.
  • the behavior data may be received and stored according to each posture of the user terminal classified in advance.
  • a mobile phone authentication method using implicit authentication comprises: by a server, receiving a request for authentication of a mobile phone user for a user terminal; by the server, sending an authentication number and a request for transmission of behavior data and environment information data to the user terminal; by the server, determining a posture of the user terminal by using received behavior data; by the server, detecting a start point of a behavior of the user for checking the authentication number by performing peak detection in the received behavior data; by the server, calculating a degree of accordance or discordance by comparing the behavior data from the detected start point with behavior data according to the determined posture of the mobile phone among behavior data stored in advance; by the server, calculating reliability by inputting the received environment information data to a learning model built in advance; and by the server, determining whether user authentication is successful based on the calculated degree of accordance or discordance and the calculated reliability.
  • the step of detecting a start point may include by the server, normalizing the received behavior data.
  • the server may calculate the degree of accordance or discordance by using dynamic time warping.
  • the server may extract feature data from received environment information data and calculate reliability by inputting the extracted feature data to the learning model.
  • the mobile phone authentication method using implicit authentication checks whether behavior data and environment information data of the user performing authentication of a mobile phone user are matched with data of a registered user, in order to prevent the user authentication from being passed by fraudulent use of the mobile phone by a person other than the user without requiring an additional operation of the user.
  • FIG. 1 is a diagram schematically showing a system in which a mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure is performed.
  • FIG. 2 is a flowchart for illustrating an authentication data construction process in the mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure.
  • FIGS. 3 to 5 are diagrams for illustrating a behavior data registration process in the mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure.
  • FIG. 6 is a diagram for illustrating a process of generating an environment information learning model in the mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure.
  • FIG. 7 is a flowchart for illustrating a mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure.
  • FIG. 1 is a diagram schematically showing a system in which a mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure is performed.
  • a mobile phone authentication method using implicit authentication is performed by interaction between a user terminal 100 and a server 200 .
  • the user terminal 100 may be a mobile phone of a user and may include a smart watch of the user terminal 100 if the mobile phone is interlocked with the smart watch.
  • the server 200 may be an authentication server that performs identification of a mobile phone user.
  • a website server for providing an authentication page may operate in connection with the above configuration.
  • a communication company server for checking user authentication information, or the like may operate in connection with the above configuration.
  • the user terminal 100 may be configured to transmit behavior data of the user (or, user behavior data) and environment information data to the server 200 .
  • the user behavior data may be data output from an acceleration sensor (a sensor that measures the acceleration of the mobile phone itself) and a gyro sensor of the mobile phone.
  • the user behavior data is data about the behavior performed by the user to check an authentication number
  • implicit authentication is performed using a behavior pattern of the user when the user checks the authentication number.
  • the acceleration sensor and the gyro sensor of the mobile phone may be a 3-axis acceleration sensor and a 3-axis gyro sensor, respectively.
  • the environment information data is data about the surrounding environment where mobile phone authentication is performed and the user terminal 100 , and may include device information (a brand, a manufacturer, a device model, a serial number, or the like), wireless access point (AP) information, Bluetooth information, GPS information, and the like.
  • device information a brand, a manufacturer, a device model, a serial number, or the like
  • AP wireless access point
  • Bluetooth information a GPS information, and the like.
  • the user terminal 100 may be configured to transmit the above information to the server 200 according to a request of the server 200 .
  • an application (APP) for transmitting the above information may be installed at the user terminal 100 , or the user terminal 100 may also be equipped with the information transmission function when being shipped.
  • FIG. 2 is a flowchart for illustrating an authentication data construction process in the mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure
  • FIGS. 3 to 5 are diagrams for illustrating a behavior data registration process in the mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure
  • FIG. 6 is a diagram for illustrating a process of generating an environment information learning model in the mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure. The user registration process for mobile phone will be described with reference to FIGS. 2 to 6 .
  • the server 200 may provide a user registration webpage or the like so that an operation such as mobile phone user authentication may be performed later. That is, the user may perform user registration by entering an authentication number on a user registration webpage through an authentication number verification process, and this user registration process may be performed in the form of collecting data multiple times for each posture of the user terminal 100 .
  • an acceleration sensor value and a gyro sensor value may be used as the user behavior data, and these data may be differently represented for each posture of the user terminal 100 .
  • a plurality of postures of the user terminal 100 may be classified in advance, and the user behavior data may be registered for each posture.
  • the posture of the user terminal 100 may be classified into a case where the mobile phone is placed on an object such as a table, a case where the user is holding the mobile phone in hand, a case where the authentication process is performed through the mobile phone in the pocket of the user, or the like, and the user may proceed with user registration by performing an action according to each posture set in advance.
  • the server 200 transmits an authentication number and a signal for requesting behavior data and environment information data to the user terminal 100 , and the user may perform an action according to the designated posture of the mobile phone to check the authentication number so that user registration is performed.
  • the server 200 receives user behavior data and environment information data for each posture of the mobile phone from the user terminal 100 (S 200 ). That is, the server 200 collects behavior data and environment information data as described above for user registration.
  • the user terminal 100 may sample data according to a preset cycle (e.g., 10 ms) and transmit the data to the server 200 .
  • a preset cycle e.g. 10 ms
  • the server 200 detects a start point of the behavior of the user to check the authentication number through peak detection in the received behavior data, and stores the behavior data from the detected start point (S 210 ).
  • This behavior data registration process will be described as follows with reference to FIGS. 3 to 5 .
  • the server 200 may process the received data to perform data comparison and analysis, and as shown in FIG. 3 , the server 200 may normalize the received behavior data first. That is, the server 200 may convert sensor data into a value between 0 and 1 by performing maximum and minimum scaling (Min Max Scaling).
  • the server 200 may calculate a mean value for each data (x-axis, y-axis and z-axis acceleration sensor values and x-axis, y-axis and z-axis gyro sensor values) from the received behavior data (or the normalized behavior data), and perform data processing using the calculated mean value. That is, as described above, the behavior data may be received multiple times for each posture of the mobile phone, so the data may be processed through averaging.
  • the server 200 may detect the start point of the behavior of the user to check the authentication number through peak detect in the data processed with the mean value.
  • the peak detection may be performed by detecting a point in which the rate of change of data is equal to or greater than a preset reference value, comparing a mean rate of change of data in a certain region with a reference value, or the like, and various other methods may also be used.
  • the server 200 may store the behavior data from the detected start point.
  • the server 200 may set a peak point as the start point, but in order to prevent data loss related to the behavior of the user to verify the authentication number, the server 200 may also set a point before a certain number (e.g., 4) as the start point of the behavior.
  • the behavior data may be stored for each posture of the mobile phone.
  • the server 200 extracts feature data from the received environment information data, and inputs the extracted feature data to an auto-encoder (AE) to perform learning (S 220 ).
  • AE auto-encoder
  • the environment information data is data about the surrounding environment where the mobile phone authentication is performed and the user terminal 100 , and may include device information (a brand, a manufacturer, a device model, a serial number, or the like), wireless access point (AP) information (BSSID (MAC address of the wireless AP). RSSI (signal intensity)), Bluetooth information (MAC address, RSSI). GPS information (latitude, longitude), and the like.
  • device information a brand, a manufacturer, a device model, a serial number, or the like
  • AP wireless access point
  • RSSI signal intensity
  • Bluetooth information MAC address, RSSI
  • GPS information latitude, longitude
  • the server 200 first processes the environment information data to extract feature data.
  • the server 200 may extract a character string that combines the brand, the manufacturer and the device model name, BSSID of three wireless APs with strong signal strength and RSSI thereof, Bluetooth MAC of the user terminal 100 , or the like.
  • the server 200 may register the character string that combines the brand, the manufacturer and the device model name, the BSSID of three wireless APs with strong signal strength, the Bluetooth MAC of the user terminal 100 , or the like, in order to extract feature data.
  • the server 200 extracts feature data by comparing previously registered environment information data with the newly inputted environment information data.
  • the server 200 may extract 100 as feature data, and if they are not matched, the server 200 may extract 0 as the feature data.
  • RSSI for the corresponding BSSID may be extracted as feature data, and if not registered, ⁇ 100 may be extracted as feature data.
  • RSSI for the MAC may be extracted as feature data, and if not registered, ⁇ 100 may be extracted as feature data.
  • the latitude and longitude of the user terminal 100 may be extracted as feature data as they are.
  • the server 200 may configure a feature vector of the extracted environment information and learn the feature vector to generate a learning model. In this way, the server 200 may generate and store a learning model for the environment information.
  • the server 200 may perform environment information authentication using a deep learning technique, and specifically, the server 200 may construct an auto-encoder (AE) model by learning the extracted feature vector.
  • AE auto-encoder
  • the AE has a structure as shown in FIG. 6 and is a type of FNN (Feedforward Neural Network), which is a neural network that learns inherent characteristics of data.
  • the AE is a learning model that is trained to generate an output value similar to an input value, and the AE generates an output value with high similarity for an input value similar to the learned data, but an output value for an input value that is not similar to the learned data has low similarity.
  • h ⁇ 1 ( Wx+b )
  • z ⁇ 2 ( W′h+b ′)
  • L ( x,z ) ⁇ x ⁇ 2 ( W ′( ⁇ 1 ( Wx+b ))+ b ′) ⁇ 2 [Equation 1]
  • Equation 1 The learning method of the AE may be explained using Equation 1.
  • h is a result obtained by encoding input data x through the AE
  • z is a result obtained by decoding h
  • ⁇ 1 and ⁇ 2 are activation functions
  • L is a loss function.
  • the learning process of the AE in this equation is a process of finding W and W′ that minimizes the loss function, and if similar data are repeatedly input. W and W′ corresponding to the characteristics of the data may be calculated.
  • the AE outputs data with high similarity between the input value and the output value for the input value similar to the learned data, but for input values not similar to the learned data, the AE outputs data with low similarity between the input value and the output value, i.e., with high dissimilarity.
  • the input environment data is registered in the server 200 , and environment information input for the first time may be processed as all features are matched.
  • the learning model may be configured to continuously learn data inputted during mobile phone authentication, explained later.
  • the order of the step S 210 and the step S 220 is not fixed, so the order of the steps may be changed or both steps may be simultaneously performed in parallel.
  • FIG. 7 is a flowchart for illustrating a mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure.
  • the server 200 when a request for authentication of a mobile phone for the user terminal 100 is received (S 300 ), the server 200 sends an authentication number to the corresponding user terminal 100 and requests transmission of behavior data and environment information data (S 310 ). That is, if there is a request for authentication of the mobile phone, the server 200 may transmit the authentication number to the user terminal 100 and also request for transmission of data required for determining whether the user is a legitimate user. At this time, the behavior data and the environment information data may be requested and received in the same manner as the user registration process of FIG. 2 described above.
  • the server 200 determines the posture of the mobile phone using the received behavior data (S 320 ). That is, since the trend of the behavior data is shown differently according to each posture of the mobile phone, the server 200 may analyze the behavior data and determine the posture of the mobile phone as one of preset postures.
  • the posture may be analyzed through supervised learning machine learning using a support vector machine (SVM).
  • SVM support vector machine
  • the server 200 detects a start point of the behavior taken by the user to check the authentication number through peak detection for the behavior data (S 330 ).
  • the server 200 may detect the start point of the behavior performed by the user to check the authentication number in the same manner as the step S 210 described above, and for this purpose, the server 200 may perform a data normalization process.
  • the server 200 compares the received behavior data with behavior data stored for the determined posture of the mobile phone by means of dynamic time warping (DTW) (S 340 ).
  • DTW dynamic time warping
  • the server 200 may numerically calculate the degree of accordance or discordance between both data by comparing behavior data corresponding to the determined posture of the mobile phone among behavior data stored for each posture of the mobile phone with the data after the behavior start point in the received behavior data.
  • the server 200 may calculate the degree of accordance or discordance between both data sets by using the DTW as described above, as will be described below more specifically.
  • the (i, j) th element of the matrix contains the distance between two points r i and s j .
  • the warping path W is defined as a contiguous set of matrices defined by the mapping between R and S.
  • K in the denominator is used to compensate for the fact that the warping path can have various lengths.
  • Equation 3 defining the distance d(i, j) found in a current cell and ⁇ (i, j), which is the minimum cumulative distance of adjacent elements.
  • ⁇ ( i,j ) d ( r i ,s j )+min( ⁇ ( i ⁇ 1, j ⁇ 1), ⁇ ( i ⁇ 1, j ), ⁇ ( i,j ⁇ 1)) [Equation 3]
  • the server 200 may calculate the DTW value for each data (x-axis, y-axis and z-axis acceleration sensor values and x-axis, y-axis and z-axis gyro sensor values) and calculate the sum of them.
  • the sum calculated in this way is expressed as S_DTW.
  • the server 200 calculates reliability by inputting the received environment information data into the learning model (S 350 ).
  • the server 200 may calculate reliability by extracting feature data from the received environment information data and inputting the extracted feature data into the learning model built in the step S 220 .
  • the process of extracting the feature data may be the same as the above step S 220 .
  • This reliability may be calculated as in Equation 4, where loss c is the loss for newly entered environment data and max(loss e ) is the maximum loss that can be obtained by inputting a feature vector, extracted when the received environment information data and registered environment information data are not entirely matched, into the user environment model.
  • the loss may be a mean squared error of the value output from the learning model and the value input to the learning model, but it is also possible to use various values capable of representing dissimilarity between the value output from the learning model and the value input to the learning model as the loss value.
  • the server 200 determines whether the authentication is successful by combining the DTW result of the step S 340 with the reliability calculated in the step S 350 (S 360 ).
  • the server 200 may determine that user authentication fails, and processes as authentication failure (even if the user inputs the correct authentication number).
  • the server 200 may process as an authentication success, and if the calculated value (score) is larger than the predefined threshold, the server 200 may process as an authentication failure.
  • step S 320 and the step S 330 may be performed simultaneously or sequentially regardless of the order, and the step S 340 and the step S 350 may also be performed simultaneously or sequentially regardless of the order.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Evolutionary Computation (AREA)
  • Data Mining & Analysis (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Artificial Intelligence (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Medical Informatics (AREA)
  • Animal Behavior & Ethology (AREA)
  • Human Computer Interaction (AREA)
  • Social Psychology (AREA)
  • Environmental & Geological Engineering (AREA)
  • Computational Linguistics (AREA)
  • Biophysics (AREA)
  • Molecular Biology (AREA)
  • Biomedical Technology (AREA)
  • Telephonic Communication Services (AREA)
  • Telephone Function (AREA)

Abstract

Provided is a mobile phone authentication method using implicit authentication, the method including the steps of: by a server, receiving behavior data and environment information data from a user terminal when a user checks an authentication number for authentication of a mobile phone user; by the server, detecting a start point of a behavior of the user for checking the authentication number by performing peak detection in the received behavior data, and storing behavior data from the detected start point; and by the server, extracting feature data from the received environment information data and learning the extracted feature data to build a learning model.

Description

TECHNICAL FIELD
This disclosure relates to a mobile phone authentication method using implicit authentication, and more particularly, to a technology for identifying and authenticating a user in mobile phone authentication using a short message service (SMS).
BACKGROUND ART
Recently, an authentication method using a mobile phone is being widely used to identify a user online, such as signing-up for a specific website, payment in an Internet shopping mall or a financial transaction through a financial institution web.
In the mobile phone authentication method, a resident registration number and a mobile phone number of a user are input into a provided authentication page, and then user authentication is performed by checking the occupancy of user's mobile phone through the input of an authentication number transmitted to the mobile phone of the user.
More specifically, when performing user authentication, the mobile phone authentication system provides an authentication page to the user through a web browser or the like, receives user information (a resident registration number, a communication company name, a mobile phone number, or the like) on the provided authentication page, and transmits the received user information to a server.
Accordingly, the server accesses a communication company server of the communication company to which the user has subscribed based on the input user information, and compares the input user information with user information such as the resident registration number and the mobile communication terminal number of the user, stored in the communication company server, to determine whether the user information matches. In this case, if it is determined that the user information is matched, a message including an authentication number according to user authentication is sent to a terminal of the user through a mobile communication network of the communication company server.
After that, if the user inputs the authentication number sent through the authentication page, user authentication is completed.
However, in the mobile phone authentication method as described above, if a person other than the legitimate user steals the mobile phone of the user and performs authentication, it is not possible to prevent the authentication by the person other than the legitimate user because there is no way to figure out this situation.
In addition, this conventional method is very vulnerable to an attack of stealing an SMS authentication by smishing or the like.
Therefore, it is suggested to installing an SMS authentication security application (APP) on the mobile phone of the user and use the application when authenticating the user, in order to prevent the mobile phone from being fraudulently used through application login and also prevent the SMS authentication number or the like from being stolen.
However, if an application is used, the user must use the application when authenticating the user, which is more cumbersome than the existing method of using an authentication page, so the method using an application is not widely used.
Meanwhile, the background art of the present disclosure is disclosed in Korean Unexamined Patent Publication No. 10-2013-0128089 (Nov. 26, 2013).
DISCLOSURE Technical Problem
The present disclosure is designed to solve the problems of the conventional mobile phone authentication method as described above, and the present disclosure is directed to providing a mobile phone authentication method using implicit authentication, which enables a user to be identified in authentication of a mobile phone user using an implicit authentication technology.
Technical Solution
A mobile phone authentication method using implicit authentication according to an aspect of the present disclosure comprises: by a server, receiving behavior data and environment information data from a user terminal when a user checks an authentication number for authentication of a mobile phone user; by the server, detecting a start point of a behavior of the user for checking the authentication number by performing peak detection in the received behavior data, and storing behavior data from the detected start point; and by the server, extracting feature data from the received environment information data and learning the extracted feature data to build a learning model.
In the present disclosure, the behavior data may be three-axis acceleration data of the user terminal and three-axis gyro sensor data of the user terminal, sampled according to a set cycle.
In the present disclosure, the step of detecting a start point of a behavior and storing behavior data from the detected start point may include: by the server, normalizing the received behavior data; and calculating a mean value for each data in the behavior data received multiple times.
In the present disclosure, the environment information data may include at least one of device information, wireless access point (AP) information. Bluetooth information and GPS information.
In the present disclosure, in the step of extracting feature data and learning the extracted feature data to build a learning model, the server may extract the feature data by comparing the received environment information data with environment information data registered previously.
In the present disclosure, the learning model may be an auto-encoder type model.
In the present disclosure, before the step of receiving behavior data and environment information data, the method may further comprise: by the server, sending the authentication number and a request for transmission of behavior data and environment information data to the user terminal.
In the present disclosure, the behavior data may be received and stored according to each posture of the user terminal classified in advance.
A mobile phone authentication method using implicit authentication according to another aspect of the present disclosure comprises: by a server, receiving a request for authentication of a mobile phone user for a user terminal; by the server, sending an authentication number and a request for transmission of behavior data and environment information data to the user terminal; by the server, determining a posture of the user terminal by using received behavior data; by the server, detecting a start point of a behavior of the user for checking the authentication number by performing peak detection in the received behavior data; by the server, calculating a degree of accordance or discordance by comparing the behavior data from the detected start point with behavior data according to the determined posture of the mobile phone among behavior data stored in advance; by the server, calculating reliability by inputting the received environment information data to a learning model built in advance; and by the server, determining whether user authentication is successful based on the calculated degree of accordance or discordance and the calculated reliability.
In the present disclosure, the step of detecting a start point may include by the server, normalizing the received behavior data.
In the step of calculating a degree of accordance or discordance according to the present disclosure, the server may calculate the degree of accordance or discordance by using dynamic time warping.
In the step of calculating reliability according to the present disclosure, the server may extract feature data from received environment information data and calculate reliability by inputting the extracted feature data to the learning model.
Advantageous Effects
The mobile phone authentication method using implicit authentication according to the present disclosure checks whether behavior data and environment information data of the user performing authentication of a mobile phone user are matched with data of a registered user, in order to prevent the user authentication from being passed by fraudulent use of the mobile phone by a person other than the user without requiring an additional operation of the user.
DESCRIPTION OF DRAWINGS
FIG. 1 is a diagram schematically showing a system in which a mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure is performed.
FIG. 2 is a flowchart for illustrating an authentication data construction process in the mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure.
FIGS. 3 to 5 are diagrams for illustrating a behavior data registration process in the mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure.
FIG. 6 is a diagram for illustrating a process of generating an environment information learning model in the mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure.
FIG. 7 is a flowchart for illustrating a mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure.
 BEST MODE
Hereinafter, an embodiment of a mobile phone authentication method using implicit authentication according to the present disclosure will be described with reference to the accompanying drawings. Here, the thickness of lines or the size of components shown in the drawings may be exaggerated for clarity and convenience of description. In addition, terms to be described later are defined in consideration of functions in the present disclosure and may be changed according to the intention or custom of users and operators. Therefore, these terms should be defined based on the contents throughout this specification.
FIG. 1 is a diagram schematically showing a system in which a mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure is performed.
As shown in FIG. 1 , a mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure is performed by interaction between a user terminal 100 and a server 200. Here, the user terminal 100 may be a mobile phone of a user and may include a smart watch of the user terminal 100 if the mobile phone is interlocked with the smart watch. Also, the server 200 may be an authentication server that performs identification of a mobile phone user.
In addition, in the operational configuration according to the present disclosure, a website server for providing an authentication page, a communication company server for checking user authentication information, or the like may operate in connection with the above configuration.
Meanwhile, in order to perform the mobile phone authentication method using implicit authentication according to this embodiment, the user terminal 100 may be configured to transmit behavior data of the user (or, user behavior data) and environment information data to the server 200.
At this time, the user behavior data may be data output from an acceleration sensor (a sensor that measures the acceleration of the mobile phone itself) and a gyro sensor of the mobile phone. In other words, the user behavior data is data about the behavior performed by the user to check an authentication number, and in the mobile phone authentication method using implicit authentication according to this embodiment, implicit authentication is performed using a behavior pattern of the user when the user checks the authentication number. Here, the acceleration sensor and the gyro sensor of the mobile phone may be a 3-axis acceleration sensor and a 3-axis gyro sensor, respectively.
In addition, the environment information data is data about the surrounding environment where mobile phone authentication is performed and the user terminal 100, and may include device information (a brand, a manufacturer, a device model, a serial number, or the like), wireless access point (AP) information, Bluetooth information, GPS information, and the like.
The user terminal 100 may be configured to transmit the above information to the server 200 according to a request of the server 200. For example, an application (APP) for transmitting the above information may be installed at the user terminal 100, or the user terminal 100 may also be equipped with the information transmission function when being shipped.
FIG. 2 is a flowchart for illustrating an authentication data construction process in the mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure, FIGS. 3 to 5 are diagrams for illustrating a behavior data registration process in the mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure, and FIG. 6 is a diagram for illustrating a process of generating an environment information learning model in the mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure. The user registration process for mobile phone will be described with reference to FIGS. 2 to 6 .
In a user registration process for mobile phone authentication, the server 200 may provide a user registration webpage or the like so that an operation such as mobile phone user authentication may be performed later. That is, the user may perform user registration by entering an authentication number on a user registration webpage through an authentication number verification process, and this user registration process may be performed in the form of collecting data multiple times for each posture of the user terminal 100.
That is, in this embodiment, an acceleration sensor value and a gyro sensor value may be used as the user behavior data, and these data may be differently represented for each posture of the user terminal 100. Accordingly, in this embodiment, a plurality of postures of the user terminal 100 may be classified in advance, and the user behavior data may be registered for each posture. Here, the posture of the user terminal 100 may be classified into a case where the mobile phone is placed on an object such as a table, a case where the user is holding the mobile phone in hand, a case where the authentication process is performed through the mobile phone in the pocket of the user, or the like, and the user may proceed with user registration by performing an action according to each posture set in advance.
During the authentication process, the server 200 transmits an authentication number and a signal for requesting behavior data and environment information data to the user terminal 100, and the user may perform an action according to the designated posture of the mobile phone to check the authentication number so that user registration is performed.
Accordingly, as shown in FIG. 2 , the server 200 receives user behavior data and environment information data for each posture of the mobile phone from the user terminal 100 (S200). That is, the server 200 collects behavior data and environment information data as described above for user registration.
Meanwhile, in this process, the user terminal 100 may sample data according to a preset cycle (e.g., 10 ms) and transmit the data to the server 200.
Thereafter, the server 200 detects a start point of the behavior of the user to check the authentication number through peak detection in the received behavior data, and stores the behavior data from the detected start point (S210).
This behavior data registration process will be described as follows with reference to FIGS. 3 to 5 .
The server 200 may process the received data to perform data comparison and analysis, and as shown in FIG. 3 , the server 200 may normalize the received behavior data first. That is, the server 200 may convert sensor data into a value between 0 and 1 by performing maximum and minimum scaling (Min Max Scaling).
In addition, as shown in FIG. 4 , the server 200 may calculate a mean value for each data (x-axis, y-axis and z-axis acceleration sensor values and x-axis, y-axis and z-axis gyro sensor values) from the received behavior data (or the normalized behavior data), and perform data processing using the calculated mean value. That is, as described above, the behavior data may be received multiple times for each posture of the mobile phone, so the data may be processed through averaging.
Finally, as shown in FIG. 5 , the server 200 may detect the start point of the behavior of the user to check the authentication number through peak detect in the data processed with the mean value. Here, the peak detection may be performed by detecting a point in which the rate of change of data is equal to or greater than a preset reference value, comparing a mean rate of change of data in a certain region with a reference value, or the like, and various other methods may also be used.
The server 200 may store the behavior data from the detected start point. The server 200 may set a peak point as the start point, but in order to prevent data loss related to the behavior of the user to verify the authentication number, the server 200 may also set a point before a certain number (e.g., 4) as the start point of the behavior.
Meanwhile, as described above, the behavior data may be stored for each posture of the mobile phone.
In addition, the server 200 extracts feature data from the received environment information data, and inputs the extracted feature data to an auto-encoder (AE) to perform learning (S220).
As described above, the environment information data is data about the surrounding environment where the mobile phone authentication is performed and the user terminal 100, and may include device information (a brand, a manufacturer, a device model, a serial number, or the like), wireless access point (AP) information (BSSID (MAC address of the wireless AP). RSSI (signal intensity)), Bluetooth information (MAC address, RSSI). GPS information (latitude, longitude), and the like.
The server 200 first processes the environment information data to extract feature data. For example, the server 200 may extract a character string that combines the brand, the manufacturer and the device model name, BSSID of three wireless APs with strong signal strength and RSSI thereof, Bluetooth MAC of the user terminal 100, or the like.
In addition, the server 200 may register the character string that combines the brand, the manufacturer and the device model name, the BSSID of three wireless APs with strong signal strength, the Bluetooth MAC of the user terminal 100, or the like, in order to extract feature data.
Subsequently, the server 200 extracts feature data by comparing previously registered environment information data with the newly inputted environment information data.
For example, if the character string (the character string that combines the brand, the manufacturer and the device model name) in the newly entered device information is matched with the previously registered character string, the server 200 may extract 100 as feature data, and if they are not matched, the server 200 may extract 0 as the feature data.
If the BSSID of the newly entered wireless AP is already registered. RSSI for the corresponding BSSID may be extracted as feature data, and if not registered, −100 may be extracted as feature data.
If the address of the newly entered Bluetooth MAC is already registered, RSSI for the MAC may be extracted as feature data, and if not registered, −100 may be extracted as feature data.
In addition, the latitude and longitude of the user terminal 100 may be extracted as feature data as they are.
The server 200 may configure a feature vector of the extracted environment information and learn the feature vector to generate a learning model. In this way, the server 200 may generate and store a learning model for the environment information.
That is, the server 200 may perform environment information authentication using a deep learning technique, and specifically, the server 200 may construct an auto-encoder (AE) model by learning the extracted feature vector.
The AE has a structure as shown in FIG. 6 and is a type of FNN (Feedforward Neural Network), which is a neural network that learns inherent characteristics of data. Specifically, the AE is a learning model that is trained to generate an output value similar to an input value, and the AE generates an output value with high similarity for an input value similar to the learned data, but an output value for an input value that is not similar to the learned data has low similarity.
h=σ 1(Wx+b),
z=σ 2(W′h+b′),
L(x,z)=∥x−σ 2(W′(σ1(Wx+b))+b′)∥2  [Equation 1]
The learning method of the AE may be explained using Equation 1. In Equation 1, h is a result obtained by encoding input data x through the AE, z is a result obtained by decoding h, σ1 and σ2 are activation functions, and L is a loss function. The learning process of the AE in this equation is a process of finding W and W′ that minimizes the loss function, and if similar data are repeatedly input. W and W′ corresponding to the characteristics of the data may be calculated.
In other words, if learning is performed by inputting a plurality of data with similarity, the AE outputs data with high similarity between the input value and the output value for the input value similar to the learned data, but for input values not similar to the learned data, the AE outputs data with low similarity between the input value and the output value, i.e., with high dissimilarity.
Meanwhile, for this comparison, the input environment data is registered in the server 200, and environment information input for the first time may be processed as all features are matched.
Meanwhile, in the present disclosure, the learning model may be configured to continuously learn data inputted during mobile phone authentication, explained later.
Meanwhile, in the present disclosure, the order of the step S210 and the step S220 is not fixed, so the order of the steps may be changed or both steps may be simultaneously performed in parallel.
FIG. 7 is a flowchart for illustrating a mobile phone authentication method using implicit authentication according to an embodiment of the present disclosure.
As shown in FIG. 7 , when a request for authentication of a mobile phone for the user terminal 100 is received (S300), the server 200 sends an authentication number to the corresponding user terminal 100 and requests transmission of behavior data and environment information data (S310). That is, if there is a request for authentication of the mobile phone, the server 200 may transmit the authentication number to the user terminal 100 and also request for transmission of data required for determining whether the user is a legitimate user. At this time, the behavior data and the environment information data may be requested and received in the same manner as the user registration process of FIG. 2 described above.
Thereafter, the server 200 determines the posture of the mobile phone using the received behavior data (S320). That is, since the trend of the behavior data is shown differently according to each posture of the mobile phone, the server 200 may analyze the behavior data and determine the posture of the mobile phone as one of preset postures.
At this time, the posture may be analyzed through supervised learning machine learning using a support vector machine (SVM). The classification technology of data using SVM is already well known in the art and thus will not be described in detail here.
In addition, the server 200 detects a start point of the behavior taken by the user to check the authentication number through peak detection for the behavior data (S330).
That is, the server 200 may detect the start point of the behavior performed by the user to check the authentication number in the same manner as the step S210 described above, and for this purpose, the server 200 may perform a data normalization process.
Thereafter, the server 200 compares the received behavior data with behavior data stored for the determined posture of the mobile phone by means of dynamic time warping (DTW) (S340).
That is, the server 200 may numerically calculate the degree of accordance or discordance between both data by comparing behavior data corresponding to the determined posture of the mobile phone among behavior data stored for each posture of the mobile phone with the data after the behavior start point in the received behavior data.
For example, the server 200 may calculate the degree of accordance or discordance between both data sets by using the DTW as described above, as will be described below more specifically.
DTW starts by constructing an n-by-m matrix given when two time series data of length n and in (i.e., the stored behavior data and the received behavior data), R=r1, r2, . . . , ri, . . . , rn and S=s1, s2, . . . , sj, . . . sm. The (i, j)th element of the matrix contains the distance between two points ri and sj. The warping path W is defined as a contiguous set of matrices defined by the mapping between R and S. The kth element of W is defined as wk=(i, j)k, and W=w1, w2, . . . , wk satisfying max(m, m)<=K<=(m+n+1) may be obtained. There are many warping paths that satisfy this, but a path that minimizes warping cost is used as shown in Equation 2 below.
D T W ( R , S ) = min { k = 1 K w k / K } [ Equation 2 ]
Here, K in the denominator is used to compensate for the fact that the warping path can have various lengths.
This path may be found through recurrence calculation using Equation 3 below, defining the distance d(i, j) found in a current cell and γ(i, j), which is the minimum cumulative distance of adjacent elements.
γ(i,j)=d(r i ,s j)+min(γ(i−1,j−1),γ(i−1,j),γ(i,j−1))  [Equation 3]
In addition, the server 200 may calculate the DTW value for each data (x-axis, y-axis and z-axis acceleration sensor values and x-axis, y-axis and z-axis gyro sensor values) and calculate the sum of them. The sum calculated in this way is expressed as S_DTW.
In addition, the server 200 calculates reliability by inputting the received environment information data into the learning model (S350).
Specifically, the server 200 may calculate reliability by extracting feature data from the received environment information data and inputting the extracted feature data into the learning model built in the step S220.
At this time, the process of extracting the feature data may be the same as the above step S220.
confidence = 1 - loss c max ( loss e ) [ Equation 4 ]
This reliability may be calculated as in Equation 4, where lossc is the loss for newly entered environment data and max(losse) is the maximum loss that can be obtained by inputting a feature vector, extracted when the received environment information data and registered environment information data are not entirely matched, into the user environment model.
Here, the loss may be a mean squared error of the value output from the learning model and the value input to the learning model, but it is also possible to use various values capable of representing dissimilarity between the value output from the learning model and the value input to the learning model as the loss value.
Subsequently, the server 200 determines whether the authentication is successful by combining the DTW result of the step S340 with the reliability calculated in the step S350 (S360).
That is, if the DTW result (S_DTW) of the step S340 has a large value or the reliability calculated in the step S350 has a small value, the server 200 may determine that user authentication fails, and processes as authentication failure (even if the user inputs the correct authentication number).
Specifically, for example, if the calculated value (score) is less than or equal to a predefined threshold, the server 200 may process as an authentication success, and if the calculated value (score) is larger than the predefined threshold, the server 200 may process as an authentication failure.
Meanwhile, in this embodiment, the step S320 and the step S330 may be performed simultaneously or sequentially regardless of the order, and the step S340 and the step S350 may also be performed simultaneously or sequentially regardless of the order.
The present disclosure has been described with reference to the embodiment shown in the drawings, but this is only illustrative, and it will be understood by those skilled in the art that various modifications and other equivalent embodiments can be made therefrom. Therefore, the technical protection scope of the present disclosure should be determined by the appended claims.

Claims (7)

The invention claimed is:
1. A terminal authentication method using implicit authentication, the method comprising:
sending, by a server, an authentication number and a request for transmission of behavior data and environment information data to the user terminal;
by a server, receiving behavior data and environment information data from a user terminal for when a user checks an authentication number for user authentication of the user terminal;
by the server, detecting a start point of a behavior of the user terminal for checking the authentication number by performing peak detection in the received behavior data, and storing the behavior data from the detected start point; and
by the server, extracting feature data from the received environment information data and learning the extracted feature data to build a learning model,
wherein the behavior data is received and stored according to each posture of the user terminal classified in advance, wherein the detecting the start point of the behavior and the storing the behavior data from the detected start point comprises:
by the server, normalizing the received behavior data; and
calculating a mean value for a plurality of the received behavior data for each posture of the user terminal;
by the server, calculating a degree of accordance or discordance using dynamic time warping by comparing the behavior data from the detected start point with the behavior data according to the determined posture of the user terminal among behavior data stored in advance;
wherein the calculating the degree of accordance or discordance using dynamic time warping comprises by the server, comparing the behavior data from the detected start point with a mean value for a plurality of behavior data stored in advance for the determined posture of the user terminal;
by the server, calculating reliability by inputting the received environment information data to a learning model built in advance; and
by the server, determining whether the user authentication is successful based on the calculated degree of accordance or discordance and the calculated reliability.
2. The terminal authentication method of claim 1,
wherein the behavior data includes three-axis acceleration data of the user terminal and three-axis gyro sensor data of the user terminal, sampled according to a set cycle.
3. The terminal authentication method of claim 1,
wherein the environment information data includes at least one of device information, wireless access point (AP) information, Bluetooth information, and global positioning system (GPS) information.
4. The terminal authentication method of claim 3,
wherein in the extracting the feature data and learning the extracted feature data to build the learning model, the server extracts the feature data by comparing the received environment information data with environment information data registered previously.
5. The terminal authentication method of claim 1,
wherein the learning model is an auto-encoder type model.
6. A terminal authentication method using implicit authentication, the method comprising:
by a server, receiving a request for user authentication for a user terminal;
by the server, sending an authentication number and a request for transmission of behavior data and environment information data to the user terminal;
by the server determining a posture of the user terminal by using the received behavior data;
by the server, detecting a start point of a behavior of the user terminal for checking the authentication number by performing peak detection in the received behavior data;
wherein the detecting the start point comprises by the server, normalizing the received behavior data;
by the server, calculating a degree of accordance or discordance using dynamic time warping by comparing the behavior data from the detected start point with the behavior data according to the determined posture of the user terminal among behavior data stored in advance;
wherein the calculating the degree of accordance or discordance using dynamic time warning comprises by the server, comparing the behavior data from the detected start point with a mean value for a plurality of behavior data stored in advance for the determined posture of the user terminal;
by the server, calculating reliability by inputting the received environment information data to a learning model built in advance; and
by the server, determining whether the user authentication is successful based on the calculated degree of accordance or discordance and the calculated reliability.
7. The terminal authentication method of claim 6,
wherein in the calculating the reliability, the server extracts feature data from the received environment information data and calculates the reliability by inputting the extracted feature data to the learning model.
US17/256,230 2018-11-27 2018-12-31 Mobile phone authentication method using implicit authentication Active 2039-10-25 US11696130B2 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
KR1020180148513A KR102081266B1 (en) 2018-11-27 2018-11-27 Authentication method of mobile phone using implicit authentication
KR10-2018-0148513 2018-11-27
PCT/KR2018/016966 WO2020111377A1 (en) 2018-11-27 2018-12-31 Mobile phone authentication method using implicit authentication

Publications (2)

Publication Number Publication Date
US20210266740A1 US20210266740A1 (en) 2021-08-26
US11696130B2 true US11696130B2 (en) 2023-07-04

Family

ID=69647775

Family Applications (1)

Application Number Title Priority Date Filing Date
US17/256,230 Active 2039-10-25 US11696130B2 (en) 2018-11-27 2018-12-31 Mobile phone authentication method using implicit authentication

Country Status (3)

Country Link
US (1) US11696130B2 (en)
KR (1) KR102081266B1 (en)
WO (1) WO2020111377A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20130128089A (en) 2012-05-16 2013-11-26 효성에프엠에스 주식회사 An authentication system using mobile phone and the authentication method
US20140020058A1 (en) * 2012-07-11 2014-01-16 Conor Robert White Methods and systems for improving the security of secret authentication data during authentication transactions
US20140283022A1 (en) * 2012-07-11 2014-09-18 Jason Chris BELONCIK Methods and sysems for improving the security of secret authentication data during authentication transactions
KR20140139451A (en) 2014-10-24 2014-12-05 김혁 Athentication System using mobile device and method thereof
KR20150019125A (en) 2013-08-12 2015-02-25 한국전자통신연구원 Authentication apparatus based onfg motion
US20170227995A1 (en) * 2016-02-09 2017-08-10 The Trustees Of Princeton University Method and system for implicit authentication

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20130128089A (en) 2012-05-16 2013-11-26 효성에프엠에스 주식회사 An authentication system using mobile phone and the authentication method
US20140020058A1 (en) * 2012-07-11 2014-01-16 Conor Robert White Methods and systems for improving the security of secret authentication data during authentication transactions
US20140283022A1 (en) * 2012-07-11 2014-09-18 Jason Chris BELONCIK Methods and sysems for improving the security of secret authentication data during authentication transactions
KR20150019125A (en) 2013-08-12 2015-02-25 한국전자통신연구원 Authentication apparatus based onfg motion
KR20140139451A (en) 2014-10-24 2014-12-05 김혁 Athentication System using mobile device and method thereof
US20170227995A1 (en) * 2016-02-09 2017-08-10 The Trustees Of Princeton University Method and system for implicit authentication

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Centeno, Mario Panetto et al., "Smartphone Continuous Authentication Using Deep Learning Autoencoders", IEEE 2017 15th PST. Aug. 28, 2017.
Lee, Wei-Han et al., "Multi-sensor Authentication to Improve Smartphone Security", IEEE 2015 ICISSP, Feb. 9, 2015.
Llee, Wei-Han et al., "Secure Pick Up: Implicit Authentication When You Start Using the Smartphone", ACM SACMAT'17, Jun. 21, 2017.

Also Published As

Publication number Publication date
KR102081266B1 (en) 2020-02-25
US20210266740A1 (en) 2021-08-26
WO2020111377A1 (en) 2020-06-04

Similar Documents

Publication Publication Date Title
US10706850B2 (en) Location based voice association system
US9892732B1 (en) Location based voice recognition system
US10789343B2 (en) Identity authentication method and apparatus
AU2017316312B2 (en) Remote usage of locally stored biometric authentication data
US9848298B2 (en) System and method for automated analysis comparing a wireless device location with another geographic location
EP2130357B1 (en) Method for tracking credit card fraud
US10922677B2 (en) Service implementation using a graphic code including a biometric identifier
JP2022513977A (en) Identity identification method, device and server for designated point approval
US20090320123A1 (en) Method and apparatus for user recognition employing motion passwords
US20140279113A1 (en) System and Method to Reduce Misuse of a Financial Instrument at a Point-of-Sale Location
WO2014201780A1 (en) Method, apparatus and system for payment validation
JP7213596B2 (en) Identification method, device and server based on dynamic rasterization management
US20150142439A1 (en) System and method of speaker recognition
US20220164423A1 (en) Method and apparatus for user recognition
US20230027527A1 (en) Identity authentication method, and method and apparatus for training identity authentication model
Gurulian et al. On the effectiveness of ambient sensing for detecting NFC relay attacks
US11696130B2 (en) Mobile phone authentication method using implicit authentication
CN113542393B (en) Data transmission method and device
KR102242949B1 (en) Wireless Communication Device Authentication Method and Apparatus using Deep Learning
US11202205B2 (en) Computer-implemented identification method
CN115019790A (en) Resource transfer method and related device
CN112733116A (en) Method, system and device for identity authentication

Legal Events

Date Code Title Description
AS Assignment

Owner name: FOUNDATION OF SOONGSIL UNIVERSITY-INDUSTRY COOPERATION, KOREA, REPUBLIC OF

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CHOI, DAE SEON;REEL/FRAME:054750/0679

Effective date: 20201221

FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY

FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO SMALL (ORIGINAL EVENT CODE: SMAL); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STCF Information on status: patent grant

Free format text: PATENTED CASE